You are here

Flashback Attack Part 3

Flashback Attack Part 3
by Gary Woods

Last week we looked at what Apple's response to the Flashback virus was and how long it took for that response to roll out. This week we'll talk about some suggestions for protecting yourself against the next attack to the Mac OS.

One of the suggestions for protecting us from ourselves is to use a technique called sandboxing which walls off some software from the rest of the system allowing it to run independently and thereby not infecting the rest of your computer. This technique would be particularly helpful in regard to Flash and Java and would be something to look at with Safari. Adobe has recently added more extensive sandboxing to Acrobat on Windows and that technique has reduced the effectiveness of attacks.

A feature that's going to be part of the next OS X release which is 10.8, Mountain Lion is called Gatekeeper. This feature has three different levels of protection it will provide your Mac. The most stringent level is that it will only allow programs from the App Store to be installed on your computer. Apple certifies that everything from the store is completely free of any Malware therefore you won't have a problem if everything on your computer comes from them.

The second level allows you to install anything from the App Store and from all developers outside the Store who have an Apple Developer ID. All the developers who have programs for sale on the Store will get a Developer ID with their digital signature that allows Gatekeeper to verify that their app is not known to have malware and that it hasn't been tampered with.

The third level of Gatekeeper allows you to install anything you want.

Whether Gatekeeper is the answer remains to be seen but it's certainly an interesting and very Apple like solution. In other words control all access to your computer or if you don't want to go down their road you're on your own.

One thing that's definitely happened since Flashback appeared is that purchases of Anti-virus software on the App Store and from third party vendors have climbed dramatically. At this point I'm still not convinced it's time to batten down the hatches and wall off my computer from all outside sources by installing Anti-virus software and purchasing software only from the App Store. On the PC I would never fire up a computer without some kind of protection on it, but the Mac still seems like somewhat of a safe haven provided you follow some rules of safe computing.

Next week we'll look at some things that I've personally done to try and protect myself from attacks on both the PC and the Mac.